[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
rpms/audit/devel audit-setroubleshoot.patch, 1.4, 1.5 audit.spec, 1.104, 1.105
- From: fedora-cvs-commits redhat com
- To: fedora-cvs-commits redhat com
- Subject: rpms/audit/devel audit-setroubleshoot.patch, 1.4, 1.5 audit.spec, 1.104, 1.105
- Date: Sat, 5 Aug 2006 20:03:45 -0400
Author: dwalsh
Update of /cvs/dist/rpms/audit/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv5076
Modified Files:
audit-setroubleshoot.patch audit.spec
Log Message:
* Wed Aug 2 2006 Dan Walsh <dwalsh redhat com> 1.2.5-6
- Change audisp to use a named pipe
audit-setroubleshoot.patch:
AuditMsg.py | 63 ++++++++++++++++++++++++-------
audispd | 121 +++++++++++++++++++++++++-----------------------------------
2 files changed, 101 insertions(+), 83 deletions(-)
Index: audit-setroubleshoot.patch
===================================================================
RCS file: /cvs/dist/rpms/audit/devel/audit-setroubleshoot.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- audit-setroubleshoot.patch 27 Jul 2006 20:56:59 -0000 1.4
+++ audit-setroubleshoot.patch 6 Aug 2006 00:03:41 -0000 1.5
@@ -1,6 +1,6 @@
--- audit-1.2.5/audisp/audispd.setroubleshoot 2006-07-13 13:37:04.000000000 -0400
-+++ audit-1.2.5/audisp/audispd 2006-07-27 16:56:12.000000000 -0400
-@@ -1,22 +1,25 @@
++++ audit-1.2.5/audisp/audispd 2006-08-02 17:32:37.000000000 -0400
+@@ -1,76 +1,44 @@
#! /usr/bin/env python
import os, string, select, syslog
-import audit, avc, traceback
@@ -8,85 +8,141 @@
import AuditMsg
import subprocess, signal
-PLUGIN_DIRS = ['/etc/audisp.d', "/usr/lib/audit", "/usr/lib32/audit"]
-+PLUGIN_DIRS = ["/usr/lib/audit", "/usr/lib64/audit"]
import glob
++from socket import *
HUP=False
def huphandler(signum, frame):
global HUP
HUP=True
-+
-+def childhandler(signum, frame):
-+ syslog.syslog("Child Died %d %d " % os.wait() )
-+ return
-
- class Plugin:
- def __init__(self, cmd):
- self.cmd = cmd
- self.sub_process = None
+-
+-class Plugin:
+- def __init__(self, cmd):
+- self.cmd = cmd
+- self.sub_process = None
- self.pid = None
-
-+
- def run(self):
- self.sub_process = subprocess.Popen(self.cmd, \
- stdin=subprocess.PIPE, stdout=None, stderr=None, \
-@@ -27,6 +30,19 @@
- def stop(self):
- self.stdin.close()
-
-+ def get_pid(self):
-+ if self.subprocess is None:
-+ return None
-+ return self.subprocess.pid
-+
-+ def get_stdin(self):
-+ if self.subprocess is None:
-+ return None
-+ return self.subprocess.stdin
-+
-+ pid = property(get_pid)
-+ stdin = property(get_stdin)
-+
+- def run(self):
+- self.sub_process = subprocess.Popen(self.cmd, \
+- stdin=subprocess.PIPE, stdout=None, stderr=None, \
+- close_fds=True, shell=True)
+- self.stdin = self.sub_process.stdin
+- self.pid = self.sub_process.pid
+-
+- def stop(self):
+- self.stdin.close()
+
class audit_dispatcher:
- def __init__(self):
+- def __init__(self):
++ def __init__(self, server_address):
self.data = []
-@@ -50,6 +66,8 @@
- self.plugins.append(p)
- except OSError, e:
- syslog.syslog("plugin %s failed to start: %s" % (plugin, e))
-+ except IOError,e:
-+ syslog.syslog("plugin %s failed to start: IOError exception %s" % (plugin, e))
-
- for p in self.plugins:
- if p.cmd not in new_plugins:
-@@ -68,9 +86,14 @@
+- self.plugins = []
+- self.load_plugins()
++ self.outList=[]
++ self.auSock=socket(AF_UNIX,SOCK_STREAM)
++ if os.path.exists(server_address):
++ os.remove(server_address)
++ self.auSock.bind(server_address)
++ self.auSock.listen(5)
++ self.inList=[0, self.auSock]
+
+- def plugin_exists(self, cmd):
+- for p in self.plugins:
+- if p.cmd == cmd:
+- return True
+- return False
+-
+- def load_plugins(self):
+- new_plugins = self.get_plugins()
+- for plugin in self.get_plugins():
+- if not self.plugin_exists(plugin):
+- syslog.syslog("Starting %s" % plugin)
+- p = Plugin(plugin)
+- try:
+- p.run()
+- self.plugins.append(p)
+- except OSError, e:
+- syslog.syslog("plugin %s failed to start: %s" % (plugin, e))
+-
+- for p in self.plugins:
+- if p.cmd not in new_plugins:
+- p.stop()
+- self.plugins.remove(p)
+-
+- def get_plugins(self):
+- plugins = []
+- for dir in PLUGIN_DIRS:
+- plugins.extend(glob.glob(os.path.join(dir, '*')))
+- return plugins
+-
+ def add(self, msg):
+ self.data.append(msg)
+
def process(self):
if len(self.data) > 0:
msg=self.data.pop(0)
- for plugin in self.plugins:
-# syslog.syslog("sending plugin %s: '%s'" % (plugin.cmd, msg.get_body()))
- plugin.stdin.write(msg.binary())
-+ try:
-+ for plugin in self.plugins:
-+ #syslog.syslog("sending plugin %s: '%s'" % (plugin.cmd, msg.get_body()))
-+ plugin.stdin.write(msg.binary())
-+ except IOError,e:
-+ syslog.syslog("plugin %s failed: IOError exception %s" % (plugin.cmd, e))
-+ self.plugins.remove(plugin)
-+
++ for s in self.outList:
++ try:
++ s.send(msg.binary())
++ except IOError,e:
++ syslog.syslog("IOError exception %s" % (e))
++ s.close()
++ self.outList.remove(s)
++ except error,e:
++ syslog.syslog("Socket error %s" % (e))
++ s.close()
++ self.outList.remove(s)
return 0
else:
return 500
-@@ -86,6 +109,7 @@
- if not msg.read_from_fd(0):
- syslog.syslog("Connection closing")
- return
-+ #syslog.syslog("Read Input: type=%d body='%s'" % (msg.get_msg_type(), msg.get_body()))
- self.add(msg)
- sleep=0
- else:
-@@ -98,22 +122,24 @@
- self.load_plugins()
+@@ -78,42 +46,55 @@
+ def run(self):
+ global HUP
+ sleep=500
+- while 1:
++ while True:
+ try:
+- input,output, err = select.select([0],[], [], sleep)
+- if 0 in input:
+- msg = AuditMsg.AuditMsg()
+- if not msg.read_from_fd(0):
+- syslog.syslog("Connection closing")
+- return
+- self.add(msg)
+- sleep=0
+- else:
+- sleep=self.process()
++ input,output, err = select.select(self.inList,[], self.outList, sleep)
++ for s in input:
++ if s == 0:
++ syslog.syslog("s == 0")
++ msg = AuditMsg.AuditMsg()
++ if not msg.read_from_fd(0):
++ syslog.syslog("Connection closing")
++ return
++ self.add(msg)
++ sleep=0
++
++ if s == self.auSock:
++ c,address=self.auSock.accept()
++ self.outList.append(c)
++
++ for s in err:
++ syslog.syslog("s in err")
++ if s in self.outList:
++ s.close()
++ self.outList.remove(s)
++
++ sleep=self.process()
+
+ except select.error, e:
+ if e[0] == 4:
+ if HUP:
+ syslog.syslog("HUP signal")
+- self.load_plugins()
HUP=False
else:
- syslog.syslog("select exception %s " % e.args)
@@ -97,13 +153,15 @@
- syslog.syslog("Type exception %s " % e.args)
+ syslog.syslog("Type exception %s " % e)
syslog.syslog(traceback.format_exc())
-
+-
++ return
++
try:
syslog.openlog("audispd")
syslog.syslog("starting audispd")
signal.signal(signal.SIGHUP, huphandler)
-+ signal.signal(signal.SIGCHLD, childhandler)
- dispatcher=audit_dispatcher()
+- dispatcher=audit_dispatcher()
++ dispatcher=audit_dispatcher("/var/run/auditd_sock")
dispatcher.run()
except IOError,e:
@@ -114,7 +172,7 @@
except Exception, e:
syslog.syslog("Unexpected exception %s " % e)
--- audit-1.2.5/audisp/AuditMsg.py.setroubleshoot 2006-07-13 13:36:08.000000000 -0400
-+++ audit-1.2.5/audisp/AuditMsg.py 2006-07-21 09:08:55.000000000 -0400
++++ audit-1.2.5/audisp/AuditMsg.py 2006-08-02 17:30:27.000000000 -0400
@@ -1,33 +1,55 @@
import struct, os
+
Index: audit.spec
===================================================================
RCS file: /cvs/dist/rpms/audit/devel/audit.spec,v
retrieving revision 1.104
retrieving revision 1.105
diff -u -r1.104 -r1.105
--- audit.spec 27 Jul 2006 21:34:08 -0000 1.104
+++ audit.spec 6 Aug 2006 00:03:41 -0000 1.105
@@ -1,7 +1,7 @@
Summary: User space tools for 2.6 kernel auditing
Name: audit
Version: 1.2.5
-Release: 5
+Release: 6
License: GPL
Group: System Environment/Daemons
URL: http://people.redhat.com/sgrubb/audit/
@@ -168,6 +168,9 @@
%config(noreplace) %attr(640,root,root) /etc/sysconfig/auditd
%changelog
+* Wed Aug 2 2006 Dan Walsh <dwalsh redhat com> 1.2.5-6
+- Change audisp to use a named pipe
+
* Fri Jul 21 2006 Dan Walsh <dwalsh redhat com> 1.2.5-5
- Fix dispatcher to handle sigchld
- Fix library location for 64 bit
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]